Cloud API Developer Guide
ClaimCenter Cloud API Developer Guide
Endpoint architecture
CRUD endpoint architecture
Reasons to modify configuration files
Syntax for schema configuration files
Schema file syntax
Mapping file syntax
Updater file syntax
Extension files
Swagger and apiconfig files
Integration graphs
Configuration troubleshooting
Adding properties to resources
Adding scalars
The schema extension file
The mapping extension file
The updater extension file
Adding compound datatypes
The schema extension file
The mapping extension file
The updater extension file
Adding foreign keys
Tools for configuring foreign keys
The SimpleReference schema
The ResourceReference mapper
Value resolvers
The URI Mapping
Foreign keys in the schema configuration files
The schema extension file
The mapping extension file
The updater extension file
The shared apiconfig file
Updater case 1: Root and resolved value have no common ancestor
Complete code sample for case 1
Updater case 2: Root and resolved value have a common ancestor
Complete code sample for case 2
Update case 3: Accessibility of resolved value is conditional
Complete code sample for case 3
Update case 4: Resolved value cannot be easily resolved by id alone
Adding one-to-ones
Example one-to-one
One-to-one relationships in the schema configuration files
The schema extension file
The mapping extension file
The updater extension file
Reserving IDs and checksums
Configuring ID and checksum behaviors
One-to-ones in responses and requests
Complete code sample for one-to-ones
Tutorials: Adding Properties
Tutorial: Schema configuration with scalars
Tutorial: Schema configuration with compound datatypes
Modifying endpoint behaviors
Collection-level behaviors
Making properties read only
Making properties required by the database
Making properties writeable at creation only
Making properties sortable
Making properties filterable
Excluding properties from responses
Adding additional metadata for properties
Obfuscating response data
Nullifying response data
Masking response data
Unmasking the base configuration taxID field
Localizing schemas
Architecture of localized text
Associating display keys with API elements
Localization key prefixes
Display key patterns for schema.json-files
Display key patterns for swagger.yaml files
Providing locale specific content for a given locale
Adding localized text for existing API elements
Adding localized text for new API elements
Adding a new locale
Generating extension endpoints
The REST endpoint generator
REST endpoint generator overview
Architecture and the REST endpoint generator
REST endpoint generator restrictions
Process for generating CRUD endpoints for an entity
Special use cases
Running the REST endpoint generator
Issues to consider before running the generator
The API for the new endpoints
The parent of the custom resource
Populating collections
Additional considerations
Running the REST endpoint generator
Running the REST endpoint generator from Studio
Create a run configuration for the REST endpoint generator
Use the run configuration to run the REST endpoint generator
Running the REST endpoint generator from the command prompt
The REST endpoint generator prompts
Completion of the script
Completing the configuration
Configuring the resource definition files
The resource definition files
Configuring the schema file for generated endpoints
Overview of schema file syntax
Modifications made to the schema file
Configuring the mapping file for generated endpoints
Overview of mapping file syntax
Modifications made to the mapping file
Configuring the updater file for generated endpoints
Overview of updater file syntax
Modifications made to the updater file
Configuring the swagger file for generated endpoints
Overview of swagger file syntax
Modifications made to the swagger file
Completing the configuration
Configuring glue and impl classes for generated endpoints
The glue and impl classes for generated endpoints
Configuring the apiconfig file
Configuring the element resource file
Configuring the collection resource file
Completing the configuration
Configuring authorization for generated endpoints
Configuring endpoint access for generated endpoints
Code generated in role.yaml files
Configuring code in role.yaml files
Configuring resource access for generated endpoints
Code generated in access.yaml files
Generated resource access code for internal users
Generated resource access code for external users
Generated resource access code for services
Generated resource access code for special use cases
Configuring generated resource access code
Completing the configuration
Additional considerations for generated endpoints
Integration graphs
The graph schema file
The graph mapper file
Mapping in the apiconfig file
Marking graph properties as eventSafe
Base configuration entities
Supertype entities
Shared handling
Separate handling
Policy descendant entities
Root resource endpoints
Root resource endpoints in Cloud API
Generating root resource endpoints
Configuring root resource endpoints
Root resource endpoint restrictions
Policy descendant entities
Policy descendants in Cloud API
Data model considerations
Differences in the generator prompts
Differences in the generated files
Differences in the configuration work
Custom incident and risk unit implementation
Incidents and risk units: Implementation overview
Overview of incidents and risk units
Incidents
Risk units
Damageables
Data model designs for risk units and incidents
Implementing endpoints for custom incidents and risk units
Incidents and risk units: Data model design
Data model design with "no damageable"
The custom incident entity (no damageable)
The custom risk unit entity (no damageable)
Data model design "with damageable"
The custom incident entity with damageable
The custom risk unit entity with damageable
The damageable entity
Incidents and risk units: Incident endpoints
Differences in the generator prompts
Differences in the generated files
Incidents and risk units: Risk unit endpoints
Differences in the generator prompts
Differences in the generated files
Incidents and risk units: Configuration with no damageable
Create a JSON value resolver for the custom risk unit
Syntax for a custom risk unit value resolver
Example custom risk unit value resolver
Configure the schema extension file
Configure the mapping extension file
Configure the updater extension file
Complete configuration example
Additional post-schema configuration
Additional work for the incident endpoints
Additional work for the risk unit endpoints
Incidents and risk units: Configuration with damageable
Create a JSON value resolver for the damageable
Syntax for a custom risk unit value resolver
Example custom damageable value resolver
Configure the schema extension file
Configure the mapping extension file
Configure the updater extension file
Additional post-schema configuration
Additional work for the incident endpoints
Additional work for the risk unit endpoints
Configuration for other specific use cases
Configuring batch processes
Configuring Cloud API to support custom batch process arguments
Configuring the BatchProcessArguments schema
Configuring the BatchProcessExtResource class
Configuring address locales
Properties in the Address schema
Properties in the addresses.i18n.yaml file
Configuration tasks
Extending claim search
Exposing financial calculations
The FinancialCalculations collection resource
Graph-based policy retrieval
Overview of graph-based policy retrieval
Plugin architecture that makes no use of graph-based retrieval
Plugin architecture that makes use of graph-based retrieval
Steps to implement graph-based retrieval
Sample return value for getPolicyGraph
Graph-based policy refresh
Policy refresh and the IPolicySearchAdapter
Policy refresh scenarios (without search)
Policy refresh scenarios (with search)
Steps to implement graph-based refresh
Choosing an authentication flow
Overview of authentication
Types of callers
Authentication architecture
Types of access
Authentication methods
Constructing JWTs
Authentication failure error messages
List of developer tasks
Selecting an authentication flow
Auth flows to choose from
Detailed discussion of issues to consider
Which OAuth flow must the caller application use?
Which user is attached to the session?
Where do authorization values come from?
Who enforces resource access?
What values are used as resource access IDs?
Summary of the issues to consider
Additional auth flows
Authentication flows in detail
Basic authentication
Overview of basic authentication
Credentials
Authorization
Request headers
Example flow for basic authentication
Supported environments for basic auth
Disable basic auth in development environments
Implementation checklist for basic authentication
Sending authenticated calls with basic authentication
Send a Postman call with basic authentication
OAuth2 authorization code flow: Internal users
Overview of authentication for internal users
Credentials
Authorization
JWTs for internal users
Logging
Example flow for internal users
Implementation checklist for internal users
Sending authenticated calls for internal users
OAuth2 authorization code flow: External users
Overview of authentication for external users
Credentials
Authorization
JWTs for external users
Logging
Example flow for external users
Implementation checklist for external users
Sending authenticated calls for external users
OAuth2 client credential flow: Standalone services
Authentication options for services
Overview of authentication for standalone services
Credentials
Authorization
JWTs for standalone services
Logging
Example flow for standalone services
Implementation checklist for standalone services
Sending authenticated calls for standalone services
OAuth2 client credential flow: Services with user context
Authentication options for services
Overview of authentication for services with user context
Credentials
Authorization
JWTs for services with user context
Logging
Example flow for services with user context
Implementation checklist for services with user context
Sending authenticated calls for services with user context
OAuth2 client credential flow: Services with service account mapping
Authentication options for services
Overview of authentication for services with service account mapping
Credentials
Authorization
JWTs for services with service account mapping
Mapping services to service accounts
Logging
Example flow for services with service account mapping
Implementation checklist for services with service account mapping
Sending authenticated calls for services with service account mapping
Unauthenticated callers
Overview of authentication for unauthenticated callers
Credentials
Authorization
JWTs for unauthenticated callers
Logging
Example flow for unauthenticated callers
Implementation checklist for unauthenticated callers
Implementing authentication
Enabling bearer token authentication
Enabling asymmetric encryption
Enable asymmetric encryption
Specifying deployment information
Configuring the IdP
Configure the IdP for internal users
Configure the IdP for external users
Registering the caller application with Guidewire Hub
Register an application with Guidewire Hub
Endpoint access
API role files
API role names
API role endpoints
API role accessible fields
API role special permissions
API role example
Assigning API roles to callers
Assigning API roles to internal users
Assigning API roles to external users
Assigning API roles to standalone services
Assigning API roles to services with user context
Assigning API roles to services with service account mapping
Assigning API roles to other types of callers
Reserved roles
Designing API role files
Configuring API roles
Create an API role file
Modify an API role file
API roles and lookup performance
API roles and localization
Resource access
Overview of resource access strategies
Functionality of specific resource access strategies
The contactAuthorizationIds resource access strategy
The producerCodes resource access strategy
The policyNumbers resource access strategy
The service resource access strategy
Resource access strategy files
Sections of a resource access file
Resource access files: permissions
Resource access files: filters
Resource access files: additional accessible fields filters
Filtered access to third-party data
Filtered, unfiltered, and privileged access
Architecture of third-party data access
How the contactAuthorizationIds strategy manages access
Behaviors for each resource type
How the producerCodes strategy manages access
Behaviors for each resource type
Configuring access to third-party data
Configuring access to base configuration entities
Configuring access for custom entities
Sorting and filtering on accessible fields
Filtering fields in a POST
Restricting access to service requests based on its services
Proxy user access
Proxy users
When is proxy user information used?
Configuring proxy users
Configuring the IExpandTokenPlugin plugin
Implementing the IExpandTokenPlugin plugin
Creating an IExpandTokenPlugin implementation class
Register the IExpandTokenPlugin plugin
Configuring contact authorization IDs
Assigning contact authorization IDs
Examples of possible assignment scenarios
Configuring contact authorization ID assignment
Configuring financial calculations access
Overview of financial calculations access
Granting access to financial expressions
Defining filter access
Base configuration restrictions
Configuring calls between InsuranceSuite applications
Troubleshooting auth issues
Examples of auth errors in the log
ContactManager authentication
ContactManager authentication
Supported caller types
Resource access for ContactManager
Tag-based access to contacts